version 1.278, 2004/03/24 07:36:29 |
version 1.279, 2004/03/29 18:09:51 |
|
|
<dl> |
<dl> |
|
|
<li> |
<li> |
|
<a name=35></a> |
|
|
|
<h3><font color=#e00000>OpenBSD 3.5 Security Advisories</font></h3> |
|
These are the OpenBSD 3.5 advisories -- all these problems are solved |
|
in <a href=anoncvs.html>OpenBSD current</a> and the |
|
<a href=stable.html>patch branch</a>. |
|
|
|
<p> |
|
<ul> |
|
<li>None yet. |
|
</ul> |
|
|
|
<p> |
|
<li> |
<a name=34></a> |
<a name=34></a> |
|
|
<h3><font color=#e00000>OpenBSD 3.4 Security Advisories</font></h3> |
<h3><font color=#e00000>OpenBSD 3.4 Security Advisories</font></h3> |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
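Review bot: the new 3.5 block introduces the anchor `<a name=35></a>`, but nothing in the visible change adds a link that targets `#35`. If the page keeps a per-release index of these sections, add the 3.5 entry in the same commit so the section is reachable. The intro sentence "all these problems are solved in OpenBSD current and the patch branch" also sits directly above a list whose only item is "None yet."; consider deferring that sentence until the first advisory is listed, so the section does not imply fixed problems that are not named.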
<li><a href=errata.html#openssl> March 17, 2004: |
<li><a href=errata34.html#openssl> March 17, 2004: |
A missing check for a NULL-pointer dereference may allow a |
A missing check for a NULL-pointer dereference may allow a |
remote attacker to crash applications using OpenSSL. |
remote attacker to crash applications using OpenSSL. |
<li><a href=errata.html#isakmpd2> March 17, 2004: |
<li><a href=errata34.html#isakmpd2> March 17, 2004: |
Defects in the payload validation and processing functions of |
Defects in the payload validation and processing functions of |
isakmpd have been discovered. An attacker could send malformed |
isakmpd have been discovered. An attacker could send malformed |
ISAKMP messages and cause isakmpd to crash or to loop endlessly.</a> |
ISAKMP messages and cause isakmpd to crash or to loop endlessly.</a> |
<li><a href=errata.html#httpd2> March 13, 2004: |
<li><a href=errata34.html#httpd2> March 13, 2004: |
Due to a bug in the parsing of Allow/Deny rules for httpd(8)'s |
Due to a bug in the parsing of Allow/Deny rules for httpd(8)'s |
access module, using IP addresses without a netmask on big endian |
access module, using IP addresses without a netmask on big endian |
64-bit platforms causes the rules to fail to match.</a> |
64-bit platforms causes the rules to fail to match.</a> |
<li><a href=errata.html#ip6> February 8, 2004: |
<li><a href=errata34.html#ip6> February 8, 2004: |
An IPv6 MTU handling problem exists that could be used by an |
An IPv6 MTU handling problem exists that could be used by an |
attacker to cause a denial of service attack.</a> |
attacker to cause a denial of service attack.</a> |
<li><a href=errata.html#sysvshm> February 5, 2004: |
<li><a href=errata34.html#sysvshm> February 5, 2004: |
A reference counting bug in shmat(2) could be used to write to |
A reference counting bug in shmat(2) could be used to write to |
kernel memory under certain circumstances.</a> |
kernel memory under certain circumstances.</a> |
<li><a href=errata.html#isakmpd>January 13, 2004: |
<li><a href=errata34.html#isakmpd>January 13, 2004: |
Several message handling flaws in isakmpd(8) have been reported |
Several message handling flaws in isakmpd(8) have been reported |
by Thomas Walpuski.</a> |
by Thomas Walpuski.</a> |
<li><a href=errata.html#ibcs2>November 17, 2003: |
<li><a href=errata34.html#ibcs2>November 17, 2003: |
It may be possible for a local user to overrun the stack in |
It may be possible for a local user to overrun the stack in |
compat_ibcs2(8) and cause a kernel panic.</a> |
compat_ibcs2(8) and cause a kernel panic.</a> |
<li><a href=errata.html#asn1>November 1, 2003: |
<li><a href=errata34.html#asn1>November 1, 2003: |
The use of certain ASN.1 encodings or malformed public keys may |
The use of certain ASN.1 encodings or malformed public keys may |
allow an attacker to mount a denial of service attack against |
allow an attacker to mount a denial of service attack against |
applications linked with ssl(3).</a> |
applications linked with ssl(3).</a> |
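Review bot: the first 3.4 entry, `<li><a href=errata34.html#openssl> March 17, 2004:`, never closes its anchor. The text ends at "remote attacker to crash applications using OpenSSL." with no `</a>`, while every other entry in this list ends with `</a>`. Since the line is being edited anyway, close the tag here so the link does not run into the following isakmpd2 item. The change also repoints every 3.4 entry from errata.html to errata34.html, so confirm that errata34.html carries the same fragment names (`#openssl`, `#isakmpd2`, `#httpd2`, `#ip6`, `#sysvshm`, `#isakmpd`, `#ibcs2`, `#asn1`); otherwise the advisory links will land at the top of the page instead of on the patch. As a minor style point, the March and February entries have a space after `>` before the date and the January and November entries do not.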